Configuring Environment for Remote WMI Information Collection

WMI (Windows Management Instrumentation) is a Microsoft tool for web-based enterprise management. WMI can be used to inspect endpoints and collect information on them.

Basic Requirements

The following settings are required to use WMI on Windows endpoints: - Port 135/TCP must be available.

• The following services must be running on the endpoint:

  • Server
  • Windows Management Instrumentation (WMI)

• WMI communication must be allowed in the firewall.

Additional Configuration and Troubleshooting Options

Please check the following configuration settings for remote WMI information collection: 1. Configure Active Directory settings as follows. Settings can be applied to endpoints using Group Policy. - Member of Domain Administrators or Local Administrators group

• Members of domain groups:

  • Performance Log Users
  • Distributed COM Users

• Permissions for group members:

  • Act as part of Operating System
  • Log on as a batch job
  • Log on as a service
  • Replace a process

2. Run the dcomcnfg utility and then set endpoint permissions. - Access Permissions: Enable all - Launch and Activation Permissions: Enable all

3. Run the wmimgmt.msc utility and configure security settings for the WMI domain. Assign permissions to the domain for the following locations:

• root/CIMv2
• root/Default
• root/SecurityCenter
• root/SecurityCenter2

Assign the following permissions to each domain:

• Execute Methods
• Enable Account
• Remote Enable
• Read Security